- most (but not all) of the accounts use hotmail.com or outlook.com email addresses, so I've added those to the list of domains not to allow for registration: Users and Submissions > User Submissions > Automatic Disallow Domains (in the Configuration)
The problem is I also have valid users who use these types of accounts.
- block IP addresses that signed up the users; many of them will try more than once
That's what I've been doing this morning. I see from the CAPTCHA log that most of the attempts are coming from places like Romania, Ukraine, Thailand, etc. And, I have practically no valid users from those countries, so I don't have any problem at all using the IP Deny Manager to simply block all traffic from those countries. However, sometimes the attempts are coming from individual IP's in the US or other countries where most of my traffic comes from. In those cases, I've been surgically blocking just the offending IP's.
- On a German-language site that I'm running, all the users fail to log in after registration. My guess is that they can't parse the confirmation email. Changing the text of that email
may also help (untested).
On my site the new users get stopped at the registration phase, because I have the configuration set so that all new users require approval.
- The accounts are created for profile spam only, from what I can tell. So banning users (instead of deleting them) and using the two Spam-X modules attached to this issue
may also help (they auto-ban users that try to post spammy URLs in their profiles).
Interesting. What's the difference between deleting and banning a bogus user account created in this manner? How or why would it be better to ban them, instead of deleting them?
New (related) question. Is there a log, or is there a way to monitor all of the incoming traffic to the website? Or does that have to come from the server level? It would be nice if I could simply look at all of the traffic, and pick off the individual IP addresses that are crating these bogus Spam users.
Thanks for your help.